Posted to users@tomcat.apache.org by John Hughes <jo...@entegrity.com> on 2002/09/19 21:22:16 UTC

SSL support in 4.1.10

I'm using 4.1.10 to perform SSL - with client authentication - using JSSE
1.0.3.

The documentation describes how to configure to use TLS using the protocol=
keyword.  What if I want to use either:

SSLv3

or SSLv2



John


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>


Re: SSL support in 4.1.10

Posted by Mehmet Birgi <me...@otego.com>.
Hi all,

I also got Tomcat working with client auth. last week. What I believe is 
not documented in the docs is how Tomcat authenticates the client 
certificates, i.e. the truststore used by Tomcat. AFAIK, the truststore 
cannot be specified in the server.xml, and Tomcat just uses the 
truststore of the JVM that it is started in. In my case that was the 
cacerts file in the %JAVA_HOME%/jre/lib/security directory, and I got it 
working by importing my (self-signed) client certificate into this 
truststore prior to starting Tomcat.

Another approach could be to define the java system property 
"truststore" when starting Tomcat, but I didn't try it.

Maybe this info could be integrated into the How-To docs (any dev people 
listening?), as a lot of people seem to have difficulties with this (so 
did I for a long time :-)

cheers,

memo



John Hughes wrote:
> Has anyone got input on this.
> 
> BTW got Tomcat working with SSL (or rather TLS!) client authentication.
> There is an extra step one needs (that's not documented in the Tomcat SSL
> How to guide).  So now we have several servlets communicating with each
> other, over the SSL link, performing some OASIS SAML requests/responses.
> 
> 
> John
> 
> 
> 
> 
>>-----Original Message-----
>>From: John Hughes [mailto:john.hughes@entegrity.com]
>>Sent: 19 September 2002 20:22
>>To: tomcat-user@jakarta.apache.org
>>Subject: SSL support in 4.1.10
>>
>>
>>I'm using 4.1.10 to perform SSL - with client authentication - using JSSE
>>1.0.3.
>>
>>The documentation describes how to configure to use TLS using the protocol=
>>keyword.  What if I want to use either:
>>
>>SSLv3
>>
>>or SSLv2
>>
>>
>>
>>John
>>
>>
> 
> 
> 
> 
> 


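Added example, not part of any poster's message or of Tomcat itself: a small diagnostic that resolves which truststore JSSE uses by default in a JVM and lists its trusted certificate entries, which is the store the reply above describes Tomcat falling back to. The class name is hypothetical; the lookup order (the standard JSSE property javax.net.ssl.trustStore, then jssecacerts, then cacerts under java.home) is the documented JSSE default.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Hypothetical diagnostic class (added example, not Tomcat code).
public class EffectiveTrustStore {

    // JSSE default lookup: javax.net.ssl.trustStore system property, then
    // <java.home>/lib/security/jssecacerts, then <java.home>/lib/security/cacerts.
    static File resolve() {
        String prop = System.getProperty("javax.net.ssl.trustStore");
        if (prop != null && !prop.isEmpty()) {
            return new File(prop);
        }
        File dir = new File(System.getProperty("java.home"), "lib" + File.separator + "security");
        File jssecacerts = new File(dir, "jssecacerts");
        return jssecacerts.isFile() ? jssecacerts : new File(dir, "cacerts");
    }

    public static void main(String[] args) throws Exception {
        File store = resolve();
        String type = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
        String pass = System.getProperty("javax.net.ssl.trustStorePassword");
        System.out.println("Effective truststore: " + store + " (type " + type + ")");
        if (!store.isFile()) {
            // JSSE then builds its default trust manager from an empty store:
            // no client certificate will be accepted.
            System.out.println("File not found: no trust anchors available");
            return;
        }
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(store)) {
            // For a JKS store, a null password skips the integrity check
            // but still reads the certificate entries.
            ks.load(in, pass == null ? null : pass.toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isCertificateEntry(alias)) continue; // only trusted-cert entries are anchors
            Certificate c = ks.getCertificate(alias);
            if (!(c instanceof X509Certificate)) continue;
            X509Certificate x = (X509Certificate) c;
            boolean selfSigned = x.getSubjectX500Principal().equals(x.getIssuerX500Principal());
            System.out.println(alias + " | " + x.getSubjectX500Principal().getName()
                    + " | expires " + x.getNotAfter() + (selfSigned ? " | self-signed" : ""));
        }
    }
}
```

Run it with the same JVM and the same -D options used to start Tomcat, so the output reflects the store the connector will actually trust.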


RE: SSL support in 4.1.10

Posted by John Hughes <jo...@entegrity.com>.
Has anyone got input on this.

BTW got Tomcat working with SSL (or rather TLS!) client authentication.
There is an extra step one needs (that's not documented in the Tomcat SSL
How to guide).  So now we have several servlets communicating with each
other, over the SSL link, performing some OASIS SAML requests/responses.


John



> -----Original Message-----
> From: John Hughes [mailto:john.hughes@entegrity.com]
> Sent: 19 September 2002 20:22
> To: tomcat-user@jakarta.apache.org
> Subject: SSL support in 4.1.10
>
>
> I'm using 4.1.10 to perform SSL - with client authentication - using JSSE
> 1.0.3.
>
> The documentation describes how to configure to use TLS using the protocol=
> keyword.  What if I want to use either:
>
> SSLv3
>
> or SSLv2
>
>
>
> John
>
>

